Resumo do conteúdo contido na página número 1
ProSafe Wireless-N 8-Port
Gigabit VPN Firewall
FVS318N
Reference Manual
350 East Plumeria Drive
San Jose, CA 95134
USA
July, 2012
202-10836-04
v1.0
Resumo do conteúdo contido na página número 2
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N © 2011–2012 NETGEAR, Inc. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of NETGEAR, Inc. Technical Support Thank you for choosing NETGEAR. To register your product, get the latest product updates, get support online, or for more information about the topics covered in thi
Resumo do conteúdo contido na página número 3
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N (continued) • IPv6 firewall rules (see Configure LAN WAN Rules, Configure DMZ WAN Rules, Configure LAN DMZ Rules, and Examples of Firewall Rules) • IPv6 attack checks (see Attack Checks) • IPv6/MAC bindings (see Set Up IP/MAC Bindings) • Simplified wireless settings submenus for easier configuration (see Chapter 4, Wireless Configuration and Security) • IPSec VPN IPv6 address support (see Chapter 6, Virtual Private Networking Using IPSe
Resumo do conteúdo contido na página número 4
Contents Chapter 1 Introduction What Is the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N? . 10 Key Features and Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Wireless Features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 Advanced VPN Support for Both IPSec and SSL. . . . . . . . . . . . . . . . . . 12 A Powerful, True Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Securit
Resumo do conteúdo contido na página número 5
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Configure Stateless IP/ICMP Translation . . . . . . . . . . . . . . . . . . . . . . . .49 Configure Advanced WAN Options and Other Tasks. . . . . . . . . . . . . . . . .50 Additional WAN-Related Configuration Tasks . . . . . . . . . . . . . . . . . . . . . .53 Verify the Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .53 What to Do Next . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Resumo do conteúdo contido na página número 6
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Configure Advanced Radio Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 Test Basic Wireless Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 Chapter 5 Firewall Protection About Firewall Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 Administrator Tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 Overview of Ru
Resumo do conteúdo contido na página número 7
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N View the Wireless VPN Firewall IPSec VPN Log . . . . . . . . . . . . . . . . .221 Manage IPSec VPN Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222 Manage IKE Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222 Manage VPN Policies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230 Configure Extended Authentication (XAUTH) . . . . . . . . . . . . .
Resumo do conteúdo contido na página número 8
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Configure User Accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303 Set User Login Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 Change Passwords and Other User Settings. . . . . . . . . . . . . . . . . . . . 311 Manage Digital Certificates for VPN Connections . . . . . . . . . . . . . . . . . . 313 VPN Certificates Screen. . . . . . . . . . . . . . . . . . . . . . . . . .
Resumo do conteúdo contido na página número 9
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Power LED Not On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379 Test LED Never Turns Off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379 LAN or WAN Port LEDs Not On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380 Troubleshoot the Web Management Interface . . . . . . . . . . . . . . . . . . . . .380 When You Enter a URL or IP Address, a Time-Out Error Occurs . . . . . .
Resumo do conteúdo contido na página número 10
1. Introduction 1 This chapter provides an overview of the features and capabilities of the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N and explains how to log in to the device and use its web management interface. The chapter contains the following sections: • What Is the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N? • Key Features and Capabilities • Package Contents • Hardware Features • Choose a Location for the Wireless VPN Firewall • Log In to the Wireless VPN
Resumo do conteúdo contido na página número 11
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N The wireless VPN firewall provides advanced IPSec and SSL VPN technologies with support for up to 12 IPSec VPN tunnels and 5 SSL VPN tunnels, as well as L2TP support for easy and secure remote connections. The use of Gigabit Ethernet WAN and LAN ports ensures high data transfer speeds. Key Features and Capabilities • Wireless Features • Advanced VPN Support for Both IPSec and SSL • A Powerful, True Firewall • Security Features • Autosens
Resumo do conteúdo contido na página número 12
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N • Hidden mode. The SSID is not broadcast, assuring that only clients configured with the correct SSID can connect. • Secure and economical operation. Adjustable power output allows more secure or economical operation. Advanced VPN Support for Both IPSec and SSL The wireless VPN firewall supports IPSec and SSL virtual private network (VPN) connections: • IPSec VPN delivers full network access between a central office and branch offices, o
Resumo do conteúdo contido na página número 13
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Security Features The wireless VPN firewall is equipped with several features designed to maintain security: • Computers hidden by NAT. NAT opens a temporary path to the Internet for requests originating from the local network. Requests originating from outside the LAN are discarded, preventing users outside the LAN from finding and directly accessing the computers on the LAN. • Port forwarding with NAT. Although NAT prevents Internet lo
Resumo do conteúdo contido na página número 14
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Dynamic Host Configuration Protocol (DHCP). This feature greatly simplifies configuration of computers on your local network. • DNS proxy. When DHCP is enabled and no DNS addresses are specified, the firewall provides its own address as a DNS server to the attached computers. The firewall obtains actual DNS addresses from the ISP during connection setup and forwards DNS requests from the LAN. • PPP over Ethernet (PPPoE). PPPoE is a prot
Resumo do conteúdo contido na página número 15
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Maintenance and Support NETGEAR offers the following features to help you maximize your use of the wireless VPN firewall: • Flash memory for firmware upgrades. • Technical support seven days a week, 24 hours a day. Information about support is available on the NETGEAR website at http://support.netgear.com/app/answers/detail/a_id/212. Package Contents The wireless VPN firewall product package contains the following items: • ProSafe Wirele
Resumo do conteúdo contido na página número 16
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N The front panel also contains three groups of status indicator light-emitting diodes (LEDs), including Power and Test LEDs, LAN LEDs, and WAN LEDs, all of which are explained in detail in the following table. Some LED explanation is provided on the front panel. Power Left WAN LED Left LAN LEDs (green) LED (green, one for each port) Right LAN LEDs Right WAN LED Wireless LED (one for each port) Active WAN LED Test LED DMZ LED Figure 1. Th
Resumo do conteúdo contido na página número 17
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Table 1. LED descriptions (continued) LED Activity Description LAN Ports Left LED Off The LAN port has no link. On (green) The LAN port has detected a link with a connected Ethernet device. Blinking (green) Data is being transmitted or received by the LAN port. Right LED Off The LAN port is operating at 10 Mbps. On (amber) The LAN port is operating at 100 Mbps. On (green) The LAN port is operating at 1000 Mbps. DMZ LED Off Port 8 is operat
Resumo do conteúdo contido na página número 18
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Rear Panel The rear panel of the wireless VPN firewall includes the antennas, a cable lock receptacle, a console port, a Reset button, a DC power connection, and a power switch. Antennas (1) and (7) (6) Power switch (2) Security lock (4) Factory default receptacle Reset button (5) DC power receptacle (3) Console port Figure 2. Viewed from left to right, the rear panel contains the following components: 1. Dipole antenna. 2. Cable secur
Resumo do conteúdo contido na página número 19
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Bottom Panel with Product Label The product label on the bottom of the wireless VPN firewall’s enclosure displays factory defaults settings, regulatory compliance, and other information. Figure 3. Choose a Location for the Wireless VPN Firewall The wireless VPN firewall is suitable for use in an office environment where it can be freestanding (on its runner feet) or mounted into a standard 19-inch equipment rack. Alternatively, you can
Resumo do conteúdo contido na página número 20
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Log In to the Wireless VPN Firewall Note: To connect the wireless VPN firewall physically to your network, connect the cables and restart your network according to the instructions in the ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N Installation Guide. A PDF of this guide is on the NETGEAR support website at http://support.netgear.com/app/products/model/a_id/19435. To configure the wireless VPN firewall, you need to use a we